Cookie authentication

A cookie is set for every different Origin and contains a HMAC signature of the Origin and the User-Agent of the app accessing it. The cookie is set with HttpOnly flag, so that it cannot be read by JavaScript apps.

The HMAC key is reset each time you restart the server.

Example

python flaskdav.py --cert ssl.cert --key ssl.key --path /

tells the server to use the generated SSL key and certificate, and to give access to the full system.

Script

On NayuOS, do:

bash runflaskdav

to run flaskdav on / or give an absolute path as argument:

bash runflaskdav /media/removable

LICENSE

flaskdav is under the GPL2 license.

utils.py is a modified version of PyWebDAV's files that are under GPL2 License
original files: